Half of Companies Not Ready for BYOD

Boston (February 25, 2014)

By Daniel Hood

Just over half (53 percent) of businesses are unprepared to deal with security breaches to corporate- or employee-owned notebooks, tablets and smartphones used under “Bring Your Own Device” policies, according to a new survey.

The 2014 State of Security Survey, conducted by research firm ITIC and security awareness training firm KnowBe4, also reported that 10 percent of companies indicated that BYOD devices had been hacked in the last year – but 40 percent of respondents said that had no way of knowing whether they had been hacked.

The survey polled 250 companies worldwide, and found that 65 percent now allow end users to BYOD and use them to access organization data, including e-mail, applications and sensitive data. At the same time, 55 percent of organizations are not increasing or strengthening their existing security measures.

“Mobile devices are the new target-rich environment,” said KnowBe4 chief hacking officer Kevin Mitnick, in a statement. “Based on lessons learned in the early days of the personal computer, businesses should make it a top priority to proactively address mobile security so they avoid the same mistakes [of the PC era] that resulted in untold system downtime and billions of dollars in economic loss.”

Among the other highlights of the survey:

Almost half of organizations (43 percent) currently have no designated BYOD security policies.

Only 13 percent of respondents said their companies have specific policies in place to deal with BYOD deployments, while another 9 percent indicated they were in the process of developing BYOD procedures.

The vast majority (80 percent) consider strong anti-virus, intrusion detection and firewalls the most important/critical element and most effective mechanism to safeguard their networks.

1 Comment

Phones, in particular, have not traditionally been viewed by most business owners as a primary platform for information theft or damage - other than when an employee uses one to tell someone something they shouldn't. But in terms of intrusion, data theft, application hacking and things like that... not so much. But that was before phones got really smart.
http://coopermann.com/2012/09/25/mobility-and-the-cloud-managing-bring-your-own-device-and-securing-company-resources/